/**
 * Permission check for calling $pMethod on $pObject as $pUser.
 *
 * NOTE(review): the first statement is an unconditional `return true;`, so as written
 * every call is allowed and the role/class/method lookup below never runs. Confirm
 * whether the check was switched off on purpose before relying on this method for
 * access control.
 *
 * @param mixed $pUser   user the check is made for (replaced by a fresh User in the unreachable part)
 * @param mixed $pObject object whose class name is matched against the rules (passed to get_class())
 * @param mixed $pMethod method name matched against the rules (concatenated into the XPath)
 * @return bool always true as written; the unreachable part would return the matched rule's
 *              `access` attribute compared with "true", or false when no rule matches
 */
public static function invokePermissions($pUser, $pObject, $pMethod)
{
    // Short-circuits the whole check: everything after this line is unreachable.
    return true;
    // NOTE(review): if the code below is re-enabled, this line discards the caller's user and
    // evaluates the rules for a newly constructed User instead.
    $pUser = new User();
    $registry = KISS_Framework_Registry::instance();
    $permissions = $registry->getEntry('user_defined');
    // Read but not used by the live lookups; only the commented-out line below refers to it.
    $permissions_default = $registry->getEntry('default');
    // Candidate rules, most specific first: role+class+method, role+class, role, then the "default" role.
    // NOTE(review): role, class name and method name are concatenated into the XPath unescaped;
    // a value containing a double quote would change the expression.
    $permission_array = array($permissions->xpath('/application/permission/user[@role="' . $pUser->getRole() . '"]/class[@name="' . get_class($pObject) . '"]/method[@name="' . $pMethod . '"]'), $permissions->xpath('/application/permission/user[@role="' . $pUser->getRole() . '"]/class[@name="' . get_class($pObject) . '"]'), $permissions->xpath('/application/permission/user[@role="' . $pUser->getRole() . '"]'), $permissions->xpath('/application/permission/user[@role="default"]'));
    //$permissions_default->xpath('/application/permission/user[@role="default"]')
    foreach ($permission_array as $permission) {
        // A level decides only when it matched exactly one node; zero or several matches fall through.
        if ($permission && count($permission) == 1) {
            return (string) $permission[0]['access'] == "true";
        }
    }
    // No level produced a single match: deny.
    return false;
}
/**
 * Tells whether the given user holds the ROOT role.
 *
 * @param User $existingUser user whose role name is inspected
 * @return bool true only when the role name is exactly "ROOT" (strict, case-sensitive comparison)
 */
private function isRootUser(User $existingUser)
{
    $roleName = $existingUser->getRole()->getName();

    return $roleName === "ROOT";
}
/**
 * Writes the signed-in user's identity into the session and issues a new session id.
 *
 * Stored values: the request's User-Agent header under 'HTTP_USER_AGENT', and a serialized
 * array of id, email and role under 'User'. The session id is regenerated afterwards so an
 * id known before sign-in is not carried over (session fixation).
 *
 * @param User $user user that has just been authenticated by the caller
 */
public function signIn(User $user)
{
    // The header is supplied by the client; how it is compared on later requests is not visible here.
    $_SESSION['HTTP_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];

    // NOTE(review): the role is copied into the session, so presumably a later role change only
    // takes effect at the next sign-in - verify against the code that reads $_SESSION['User'].
    $_SESSION['User'] = serialize([
        'id' => $user->getId(),
        'email' => $user->getEmail(),
        'role' => $user->getRole(),
    ]);

    // true: the old session is deleted instead of being left valid under the previous id.
    session_regenerate_id(true);
}
/**
 * Returns true if this relationship is applicable to the supplied user.
 *
 * Each of organisation, group, role and user acts as a filter only when it is set (truthy)
 * on this relationship; a set filter that differs from the user's value rejects the user.
 * Comparisons are loose (`!=`), as in the stored/returned values' original handling.
 *
 * @param User $user
 * @return boolean false as soon as one set filter does not match, true otherwise
 */
public function isRelated(User $user)
{
    if ($this->organisation && $user->getOrganisationId() != $this->organisation) {
        return false;
    }
    if ($this->group && $user->getGroup() != $this->group) {
        return false;
    }
    if ($this->role && $user->getRole() != $this->role) {
        return false;
    }
    if ($this->user && $user->getID() != $this->user) {
        return false;
    }

    // No filter set, or every set filter matched.
    return true;
}
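/**
 * Handles a submitted login form and a pending logout flag.
 *
 * On a post with 'submit' set, a User is constructed and its role read; a truthy role is
 * treated as a successful login: role, a masked 'login' marker and the posted user name are
 * stored in the session and the browser is redirected to the home page. Otherwise a 'Fail'
 * flag is stored and an empty right-to-left <div> is emitted. When the session carries a
 * 'logout' key the session is destroyed.
 *
 * NOTE(review): User is constructed without arguments; how it reads and verifies the submitted
 * credentials is not visible here. Execution continues after the Location header is sent,
 * because the method does not exit - callers should not produce protected output afterwards.
 */
public function checkLogin()
{
    if (isset($_POST['submit'])) {
        $user = new User();
        $role = $user->getRole();
        if ($role) {
            // Issue a new session id before the session becomes an authenticated one, so an id
            // that was known before login cannot be reused afterwards (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['role'] = $role;
            $_SESSION['login'] = "******";
            // The posted name is stored as received; encode it wherever it is displayed.
            $_SESSION['user'] = $_POST['userName'];
            header("Location: http://localhost/HW/View/Home.php");
        } else {
            // A redirect to connection.php used to live here and is disabled.
            ?> <div dir="rtl"> <?php
            $_SESSION['Fail'] = "OK";
            // A disabled echo here printed an Arabic "wrong user name or password" message.
            ?> </div> <?php
            // A disabled exit() followed here.
        }
    }
    if (isset($_SESSION['logout'])) {
        // A disabled block here printed an Arabic "logged out successfully" heading.
        session_destroy();
    }
}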
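/**
 * Changes the role of the target user to the requested role.
 *
 * Requires the 'userid', 'newrole' and 'targetid' prerequisites and a moderator caller.
 * Failures are reported through setUpError(); success is reported through setResult().
 *
 * NOTE(review): the only authorization visible here is isModerator(); nothing limits which
 * role may be assigned or to which target. Confirm that a moderator is meant to be able to
 * assign any role the database accepts.
 *
 * @return bool false when prerequisites are missing, the caller is not a moderator, or the
 *              target already has the role; true once the UPDATE was attempted (a failed
 *              UPDATE is reported via setUpError(), not via the return value)
 */
public function setRole()
{
    $this->setPrerequisites('userid,newrole,targetid');
    if (!$this->checkPrerequisites()) {
        return false;
    }
    if (!$this->isModerator()) {
        $this->setUpError('NO RIGHTS', $this->getRole());
        return false;
    }

    // bind_param() receives its values by reference, so they must be variables; passing the
    // result of $this->get() directly raises "Only variables should be passed by reference".
    $targetId = $this->get('targetid');
    $newRole = $this->get('newrole');

    $target = new User(array('userid' => $targetId));
    if ($newRole == $target->getRole()) {
        $this->setUpError("ALREADY IN ROLE", $newRole);
        return false;
    }

    $db = new DB();
    $query = 'UPDATE mototimes_users SET role=? WHERE id_vk=?';
    $stmt = $db->prepare($query);
    // 's' = role as string, 'i' = target id as integer; both are bound, never concatenated.
    $stmt->bind_param('si', $newRole, $targetId);
    $stmt->execute();
    if ($stmt->errno != 0) {
        // Any statement error is reported as an unknown role.
        $this->setUpError("NO SUCH ROLE", $newRole);
    } elseif ($stmt->affected_rows == 0) {
        // No row carried that id (or the row already held the value).
        $this->setUpError("NO USER", $targetId);
    } else {
        $result = array('response' => 'ok');
        $this->setResult($result);
    }
    $db->close();

    return true;
}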
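/**
 * Log-in action: validates a submitted login form and starts the user's session.
 *
 * On success the user name is written to a 'user' cookie, name, id and role are stored in
 * the session, and the browser is redirected to the home page. Otherwise the login page is
 * rendered with $error set (empty when no form was submitted).
 *
 * NOTE(review): the 'user' cookie holds the posted name as plain text and is set without
 * flags, so it is client-writable and must not be used for authorization decisions. The
 * redirect URL is built from the request's Host header; a fixed base URL would be safer.
 */
function login()
{
    if (isset($_POST['name'])) {
        $model = new User();
        // Check whether the submitted user name and password are valid.
        if ($model->check()) {
            // Issue a new session id before storing the identity, so an id that was known
            // before login cannot be reused afterwards (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            // Valid: keep the user's details in a cookie and in the session.
            setcookie('user', $_POST['name']);
            $_SESSION['name'] = $model->getName();
            $_SESSION['id'] = $model->getID();
            $_SESSION['role'] = $model->getRole();
            // Redirect to the home page.
            header('location:http://' . $_SERVER['HTTP_HOST'] . '/WeiXianPin/index.php');
            exit;
        } else {
            $error = '用户名或密码错误,请重新登录';
        }
    } else {
        // No login form was submitted, so there is no error to show.
        $error = '';
    }
    // Render the login page, which displays $error when it is not empty.
    include 'login.html.php';
}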
/**
 * Returns one biographical feature of a user, selected by name.
 *
 * Only the "address" feature is returned as ready-made HTML (each part passed through
 * html_encode() and joined with <br />); every other feature is returned exactly as the
 * User object provides it, so the caller has to encode those before output.
 *
 * @param User   $user    user to read the feature from
 * @param string $feature one of: name, group, role, photo, organisation, email, email_alt,
 *                        address, phone, fax
 * @return mixed the feature value; null for an unknown feature name
 */
function getBiographicalFeature(User $user, $feature)
{
    switch ($feature) {
        case "name":
            return $user->getName("%f %l");
        case "group":
            return $user->getGroup();
        case "role":
            return $user->getRole();
        case "photo":
            // File name of the official photo.
            return UserPhoto::get($user->getID(), UserPhoto::OFFICIAL)->getFilename();
        case "organisation":
            return $user->getOrganisation()->getTitle();
        case "email":
            return $user->getEmail();
        case "email_alt":
            return $user->getEmailAlternate();
        case "address":
            $street = $user->getAddress();
            $postal = $user->getPostalCode();
            $town = $user->getCity();
            $provinceName = $user->getProvince()->getName();
            $countryName = $user->getCountry()->getName();

            // Line 1: street, line 2: city[, province], line 3: country[, postcode].
            $html = html_encode($street) . "<br />" . html_encode($town);
            if ($provinceName) {
                $html .= ", " . html_encode($provinceName);
            }
            $html .= "<br />";
            $html .= html_encode($countryName);
            if ($postal) {
                $html .= ", " . html_encode($postal);
            }
            return $html;
        case "phone":
            return $user->getTelephone();
        case "fax":
            return $user->getFax();
        default:
            // NOTE(review): an unknown feature name is dumped to the output as debug information.
            Zend_Debug::dump($feature);
            return;
    }
}
/**
 * Copies a User entity into a new UserDto.
 *
 * Id, user name, email, first/last name, picture, file and display are copied one to one;
 * the role is converted by the role mapper; the token is stored as passed in.
 *
 * @param User  $user  entity to copy from
 * @param mixed $token token to attach to the DTO, null when there is none
 * @return UserDto
 */
public function mapUserToDto(User $user, $token = null)
{
    $dto = new UserDto();

    $dto->setId($user->getId());
    $dto->setUserName($user->getUsername());
    $dto->setEmail($user->getEmail());
    $dto->setFirstName($user->getFirstName());
    $dto->setLastName($user->getLastName());
    $dto->setPicture($user->getPicture());
    $dto->setFile($user->getFile());
    $dto->setDisplay($user->getDisplay());

    $roleDto = $this->roleMapper->mapUserRoleToDto($user->getRole());
    $dto->setRole($roleDto);

    // NOTE(review): the DTO carries the token next to the profile data; make sure it is only
    // serialized in responses meant for the token's owner.
    $dto->setToken($token);

    return $dto;
}
/**
 * Returns the role record of this user as an array with 'groupId' and 'role'.
 *
 * - No logged-in web user: groupId 0 and role 0.
 * - Role record found: the record with 'role' set to the name of its group.
 * - No role record: groupId 6 and the name of group 6 as fallback.
 *
 * NOTE(review): the login check looks at the current web user, while the lookups use
 * $this->id; the two can be different users.
 *
 * @param mixed $type accepted but not read by this method
 * @return array
 */
function getRole($type = null)
{
    if (!isset(Yii::app()->user->id)) {
        return array('groupId' => 0, 'role' => 0);
    }

    $groupNames = User::getGroups($this->id);
    $role = User::getRole($this->id);

    if ($role) {
        $role['role'] = $groupNames[$role['groupId']];
        return $role;
    }

    // No role record: fall back to the hard-coded group 6.
    $role['groupId'] = 6;
    $role['role'] = $groupNames[6];
    return $role;
}
/**
 * Checks whether the given user has access to a resource.
 *
 * The parent's general ACL verification must pass first. After that access is granted when
 * the identity has the 'admin' role, when the identity owns the resource, or when the
 * resource is shared and the privilege is one of convert / upload / pddemulate.
 *
 * @param StitchPattern $resource
 * @param User $identity may be empty (no identity); then only the shared rule can grant access
 * @param string $privilege
 * @return bool
 */
public function __invoke(\StitchPattern\Model\StitchPattern $resource, $identity, $privilege)
{
    // General ACL check; nothing below can override a denial here.
    if (!parent::__invoke('StitchPattern\\Controller', $privilege)) {
        return false;
    }

    // Administrators may do anything the general ACL allows.
    if ($identity && $identity->getRole()->getName() == 'admin') {
        return true;
    }

    // Owners may act on their own pattern.
    if ($identity && $resource->user_id == $identity->getId()) {
        return true;
    }

    // Anyone else only gets the privileges that are open on shared patterns.
    $shareable = array('convert', 'upload', 'pddemulate');

    return in_array($privilege, $shareable) && $resource->shared;
}
/**
 * Persists a user: UPDATE when the user already has an id greater than 0, INSERT otherwise.
 *
 * All values are bound as statement parameters. The parameter array starts with the type
 * string and holds the values by reference, as the insertOrEdit() helper receives them.
 *
 * NOTE(review): the password is written exactly as getPassword() returns it; whether it is
 * already hashed at this point is not visible here.
 *
 * @param User $user
 * @return int|false the existing id after a successful update, otherwise whatever
 *                   BaseSingleton::insertOrEdit() returned (false when it did not work)
 */
public static function flush($user)
{
    $userId = $user->getId();
    $login = $user->getLogin();
    $password = $user->getPassword();
    $mail = $user->getMail();
    $inscriptionDate = $user->getInscriptionDate();
    $firstName = $user->getFirstName();
    $lastName = $user->getLastName();
    $birthDate = $user->getBirthDate();
    $address = $user->getAddress();
    $phoneNumber = $user->getPhoneNumber();
    $avatar = $user->getAvatar();
    $role = $user->getRole()->getId();

    $isUpdate = $userId > 0;

    if (!$isUpdate) {
        // Ten strings followed by the integer role id.
        $sql = 'INSERT INTO user ' . '(login, passwd, mail, inscription_date, first_name, ' . 'last_name, birth_date, address, phone_number, avatar, ROLE_id_role) ' . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
        $params = array('ssssssssssi', &$login, &$password, &$mail, &$inscriptionDate, &$firstName, &$lastName, &$birthDate, &$address, &$phoneNumber, &$avatar, &$role);
    } else {
        // Same columns plus the integer user id for the WHERE clause.
        $sql = 'UPDATE user u SET ' . 'u.login = ?, ' . 'u.passwd = ?, ' . 'u.mail = ?, ' . 'u.inscription_date = ?, ' . 'u.first_name = ?, ' . 'u.last_name = ?, ' . 'u.birth_date = ?, ' . 'u.address = ?, ' . 'u.phone_number = ?, ' . 'u.avatar = ?, ' . 'u.ROLE_id_role = ? ' . 'WHERE u.id_user = ?';
        $params = array('ssssssssssii', &$login, &$password, &$mail, &$inscriptionDate, &$firstName, &$lastName, &$birthDate, &$address, &$phoneNumber, &$avatar, &$role, &$userId);
    }

    $result = BaseSingleton::insertOrEdit($sql, $params);

    // A successful update reports the id the user already had.
    if ($isUpdate && $result !== false) {
        return $userId;
    }

    return $result;
}
/**
 * Lists the link filters currently in the system.
 *
 * Each row is extended with 'projects' (ids of the associated projects), 'project_names'
 * (their titles) and 'min_usr_role_name' (name of the row's minimum user role).
 *
 * @return array the filter rows; an empty array when the filter query fails. A failing
 *               project lookup leaves that row with empty project lists.
 */
public static function getList()
{
    $filterSql = 'SELECT lfi_id, lfi_description, lfi_usr_role, lfi_pattern, lfi_replacement FROM {{%link_filter}} ORDER BY lfi_id';
    try {
        $filters = DB_Helper::getInstance()->getAll($filterSql);
    } catch (DbException $e) {
        return array();
    }

    // The filter id is bound as a parameter; one lookup is run per filter row.
    $projectSql = 'SELECT plf_prj_id, prj_title FROM {{%project_link_filter}}, {{%project}} WHERE prj_id = plf_prj_id AND plf_lfi_id = ?';

    foreach ($filters as $idx => $filter) {
        try {
            $projects = DB_Helper::getInstance()->getPair($projectSql, array($filter['lfi_id']));
        } catch (DbException $e) {
            $projects = array();
        }
        if ($projects === null) {
            $projects = array();
        }

        // $projects maps project id => project title.
        $filters[$idx]['projects'] = array_keys($projects);
        $filters[$idx]['project_names'] = array_values($projects);
        $filters[$idx]['min_usr_role_name'] = User::getRole($filter['lfi_usr_role']);
    }

    return $filters;
}
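/**
 * Renders a person's card: photos, name, group/department line, organisation, e-mail
 * addresses, contact details and administrative assistants.
 *
 * What is shown depends on the person's privacy level and on whether the viewer may update
 * users (treated as administrator):
 * - e-mail addresses: privacy level above 1, or administrator
 * - telephone, fax, address, office hours: privacy level above 2, or administrator
 *
 * All text values are passed through html_encode() before being written into the markup.
 *
 * @param User $user
 * @return string the rendered HTML (captured with output buffering)
 */
function display_person(User $user)
{
    global $ENTRADA_ACL;
    $photos = $user->getPhotos();
    $user_id = $user->getID();
    $is_administrator = $ENTRADA_ACL->amIallowed('user', 'update');
    $prefix = $user->getPrefix();
    $firstname = $user->getFirstname();
    $lastname = $user->getLastname();
    $fullname = $user->getName("%f %l");
    $departments = $user->getDepartments();
    if (0 < count($departments)) {
        // One department title per line.
        $dep_titles = array();
        foreach ($departments as $department) {
            $dep_titles[] = ucwords($department->getTitle());
        }
        $group_line = implode("<br />", $dep_titles);
    } else {
        // No departments: fall back to "Group > Role" ("Class of <role>" for students).
        $group = $user->getGroup();
        $role = $user->getRole();
        $group_line = ucwords($group . " > " . ($group == "student" ? "Class of " : "") . $role);
    }
    $privacy_level = $user->getPrivacyLevel();
    $organisation = $user->getOrganisation();
    $org_name = $organisation ? $organisation->getTitle() : "";
    // The primary e-mail is withheld below privacy level 2 unless the viewer is an administrator;
    // the alternate e-mail is only printed when the primary one is.
    $email = 1 < $privacy_level || $is_administrator ? $user->getEmail() : "";
    $email_alt = $user->getAlternateEmail();
    // Default to hiding the contact block. Without this the variable was undefined whenever the
    // privacy condition below failed, and the template read an undefined variable.
    $show_address = false;
    if (2 < $privacy_level || $is_administrator) {
        $show_address = true;
        $city = $user->getCity();
        $province = $user->getProvince();
        $prov_name = $province->getName();
        $country = $user->getCountry();
        $country_name = $country->getName();
        $phone = $user->getTelephone();
        $fax = $user->getFax();
        $address = $user->getAddress();
        $postcode = $user->getPostalCode();
        $office_hours = $user->getOfficeHours();
    }
    $assistants = $user->getAssistants();
    //there are 4 photo cases (at time of writing): no photos, official only, uploaded only, or both.
    //privacy options also need to be considered here.
    ob_start();
    ?>
    <div id="result-<?php echo $user_id; ?> " class="person-result">
        <div id="img-holder-<?php echo $user_id; ?> " class="img-holder">
            <?php
            $num_photos = count($photos);
            if (0 === $num_photos) {
                echo display_photo_placeholder();
            } else {
                foreach ($photos as $photo) {
                    echo display_photo($photo);
                }
                // Links to switch between photos are only needed when there is more than one.
                if (2 <= $num_photos) {
                    $label = 0;
                    foreach ($photos as $photo) {
                        echo display_photo_link($photo, ++$label);
                    }
                }
                echo display_zoom_controls($user_id);
            }
            ?>
        </div>
        <div class="person-data">
            <div class="basic">
                <span class="person-name"><?php echo html_encode($fullname); ?> </span>
                <span class="person-group"><?php echo html_encode($group_line); ?> </span>
                <span class="person-organisation"><?php echo html_encode($org_name); ?> </span>
                <div class="email-container">
                    <?php
                    if ($email) {
                        echo display_person_email($email);
                        if ($email_alt) {
                            echo display_person_email($email_alt);
                        }
                    }
                    ?>
                </div>
            </div>
            <div class="address">
                <?php
                if ($show_address) {
                    if ($phone) {
                        ?> <div> <span class="address-label">Telephone:</span> <span class="address-value"><?php echo html_encode($phone); ?> </span> </div> <?php
                    }
                    if ($fax) {
                        ?> <div> <span class="address-label">Fax:</span> <span class="address-value"><?php echo html_encode($fax); ?> </span> </div> <?php
                    }
                    if ($address && $city) {
                        ?> <div> <span class="address-label">Address:</span><br /> <span class="address-value"> <?php
                        echo html_encode($address) . "<br />" . html_encode($city);
                        if ($prov_name) {
                            echo ", " . html_encode($prov_name);
                        }
                        echo "<br />";
                        echo html_encode($country_name);
                        if ($postcode) {
                            echo ", " . html_encode($postcode);
                        }
                        ?> </span> </div> <?php
                    }
                    if ($office_hours) {
                        ?> <div> <span class="address-label">Office Hours:</span> <span class="address-value"><?php echo html_encode($office_hours); ?> </span> </div> <?php
                    }
                }
                ?>
            </div>
            <div class="assistant"><?php
                if (count($assistants) > 0) {
                    ?> <span class="content-small">Administrative Assistants:</span> <ul class="assistant-list"> <?php
                    foreach ($assistants as $assistant) {
                        echo "<li>" . display_person_email($assistant->getEmail(), $assistant->getName("%f %l")) . "</li>";
                    }
                    ?> </ul><?php
                }
                ?> </div>
        </div>
        <div></div>
        <div class="clearfix"> </div>
    </div>
    <?php
    return ob_get_clean();
}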
/**
 * Returns the custom fields defined in the system, ordered by rank.
 *
 * Each row is extended with 'projects' (comma-separated associated projects),
 * 'field_options' (see below) and 'min_role_name' (name of the row's minimum role).
 *
 * 'field_options' is only set for rows that have a backend: combo/multiple rows first get
 * their option list, and every row with a backend then gets 'Backend: <name>', which
 * replaces that list.
 *
 * @return array|string the rows, or an empty string when the query fails
 */
public static function getList()
{
    $sql = 'SELECT * FROM {{%custom_field}} ORDER BY fld_rank ASC';
    try {
        $fields = DB_Helper::getInstance()->getAll($sql);
    } catch (DbException $e) {
        return '';
    }

    foreach ($fields as $idx => $field) {
        // Warnings from implode() are suppressed, as the lookup may not return an array.
        $fields[$idx]['projects'] = @implode(', ', array_values(self::getAssociatedProjects($field['fld_id'])));

        $isChoiceField = $field['fld_type'] == 'combo' || $field['fld_type'] == 'multiple';
        $hasBackend = !empty($field['fld_backend']);

        if ($isChoiceField && $hasBackend) {
            $fields[$idx]['field_options'] = implode(', ', array_values(self::getOptions($field['fld_id'])));
        }
        if ($hasBackend) {
            $fields[$idx]['field_options'] = 'Backend: ' . self::getBackendName($field['fld_backend']);
        }

        $fields[$idx]['min_role_name'] = User::getRole($field['fld_min_role']);
    }

    return $fields;
}
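<?php
// Admin "view user" page: breadcrumbs, heading, action menu and a detail table for $model.
$username = $model->userLogin->username;

// Breadcrumb labels are presumably HTML-encoded by the breadcrumbs widget - verify its configuration.
$this->breadcrumbs = array(UserModule::t('Users') => array('admin'), $username);
?> <h1><?php
// The user name is stored data chosen by a user, so it is HTML-encoded before being written
// into the heading; it was echoed unencoded before.
echo UserModule::t('View User') . ' "' . CHtml::encode($username) . '"';
?> </h1> <?php
echo $this->renderPartial('_menu', array(
    'list' => array(
        CHtml::link(UserModule::t('Create User'), array('create')),
        CHtml::link(UserModule::t('Update User'), array('update', 'id' => $model->user_id)),
        // Deleting goes through a submitted form with a confirmation prompt, not a plain link.
        CHtml::linkButton(UserModule::t('Delete User'), array(
            'submit' => array('delete', 'id' => $model->user_id),
            'confirm' => UserModule::t('Are you sure to delete this item?'),
        )),
    ),
));
$this->widget('zii.widgets.CDetailView', array(
    'data' => $model,
    'attributes' => array(
        'name',
        array('name' => 'Username', 'value' => $username),
        'mobile',
        'email',
        array('name' => 'Address', 'value' => $model->address1 . "\n" . $model->address2),
        'city',
        'state',
        'country',
        'pincode',
        array('name' => 'Created on', 'value' => date("d.m.Y H:i:s", strtotime($model->create_ts))),
        // 'raw' switches the widget's own encoding off for this row, so the linked name is
        // encoded explicitly; the fallback values are the numeric id and a fixed string.
        array(
            'name' => 'Updated By',
            'type' => 'raw',
            'value' => $model->updated_by > 0
                ? (isset($model->updatedBy)
                    ? CHtml::link(CHtml::encode($model->updatedBy->name), array("admin/view", "id" => $model->updatedBy->user_id))
                    : $model->updated_by)
                : 'Unavailable',
        ),
        array('name' => 'Updated on', 'value' => date("d.m.Y H:i:s", strtotime($model->update_ts))),
        array('name' => 'Role', 'value' => User::getRole($model->role)),
        array(
            'name' => 'Last Visited On',
            'value' => isset($model->userLogin->last_login)
                ? date("d.m.Y H:i:s", strtotime($model->userLogin->last_login))
                : 'Never Logged In',
        ),
    ),
));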
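/**
 * Builds the extra WHERE conditions for the issue listing from the search parameters and
 * from the current user's role in the current project.
 *
 * The clause is assembled by string concatenation, so every value taken from $options has
 * to be made safe before it is appended: numeric values go through Misc::escapeInteger(),
 * text values through Misc::escapeString(), and column names come from fixed lists.
 *
 * NOTE(review): the ids returned by Issue::getFullTextIssues() and
 * Customer::getCustomerIDsLikeEmail(), and the output of Misc::prepareBooleanSearch(), are
 * appended as returned; they are presumably safe by construction - confirm in those helpers.
 *
 * @access public
 * @param array $options The search parameters
 * @return string The where clause (each condition starts with " AND")
 */
function buildWhereClause($options)
{
    $usr_id = Auth::getUserID();
    $prj_id = Auth::getCurrentProject();
    $role_id = User::getRoleByUser($usr_id, $prj_id);
    $stmt = ' AND iss_usr_id = en_ID';

    // Visibility restrictions that depend on the role, applied regardless of the search options.
    if (User::getRole($role_id) == "Customer") {
        // Customers only see issues of their own customer.
        $stmt .= " AND iss_customer_id=" . User::getCustomerID($usr_id);
    } elseif ($role_id <= User::getRoleID("Standard User") && Project::getSegregateReporters($prj_id)) {
        // With segregated reporters, low roles only see issues they reported, are authorized
        // on, or are assigned to.
        $stmt .= " AND (\n iss_usr_id = {$usr_id} OR\n iur_usr_id = {$usr_id} OR\n isu_usr_id = {$usr_id}\n )";
    }

    // Assignee filter: "grp:<id>", one of the special values -1 .. -4, or a user id.
    if (!empty($options["users"])) {
        $stmt .= " AND (\n";
        if (stristr($options["users"], "grp") !== false) {
            $chunks = explode(":", $options["users"]);
            $stmt .= 'iss_grp_id = ' . Misc::escapeInteger($chunks[1]);
        } else {
            if ($options['users'] == '-1') {
                // unassigned
                $stmt .= 'isu_usr_id IS NULL';
            } elseif ($options['users'] == '-2') {
                // unassigned or assigned to me
                $stmt .= 'isu_usr_id IS NULL OR isu_usr_id=' . $usr_id;
            } elseif ($options['users'] == '-3') {
                // assigned to me or to my group
                $stmt .= 'isu_usr_id = ' . $usr_id . ' OR iss_grp_id = ' . User::getGroupID($usr_id);
            } elseif ($options['users'] == '-4') {
                // unassigned, assigned to me, or assigned to my group
                $stmt .= 'isu_usr_id IS NULL OR isu_usr_id = ' . $usr_id . ' OR iss_grp_id = ' . User::getGroupID($usr_id);
            } else {
                $stmt .= 'isu_usr_id =' . Misc::escapeInteger($options["users"]);
            }
        }
        $stmt .= ')';
    }
    if (!empty($options["reporter"])) {
        $stmt .= " AND iss_usr_id = " . Misc::escapeInteger($options["reporter"]);
    }
    if (!empty($options["show_authorized_issues"])) {
        $stmt .= " AND (iur_usr_id={$usr_id})";
    }
    if (!empty($options["show_notification_list_issues"])) {
        $stmt .= " AND (sub_usr_id={$usr_id})";
    }

    // Keyword search: full text, customer e-mail, or summary/description.
    if (!empty($options["keywords"])) {
        $stmt .= " AND (\n";
        if ($options['search_type'] == 'all_text' && APP_ENABLE_FULLTEXT) {
            $stmt .= "iss_id IN(" . join(', ', Issue::getFullTextIssues($options)) . ")";
        } elseif ($options['search_type'] == 'customer' && Customer::hasCustomerIntegration($prj_id)) {
            // check if the user is trying to search by customer email
            $customer_ids = Customer::getCustomerIDsLikeEmail($prj_id, $options['keywords']);
            if (count($customer_ids) > 0) {
                $stmt .= " iss_customer_id IN (" . implode(', ', $customer_ids) . ")";
            } else {
                // no results, kill query
                $stmt .= " iss_customer_id = -1";
            }
        } else {
            $stmt .= "(" . Misc::prepareBooleanSearch('iss_summary', $options["keywords"]);
            $stmt .= " OR " . Misc::prepareBooleanSearch('iss_description', $options["keywords"]) . ")";
        }
        $stmt .= "\n) ";
    }

    // Simple equality filters; every value is forced to an integer.
    if (!empty($options["priority"])) {
        $stmt .= " AND iss_pri_id=" . Misc::escapeInteger($options["priority"]);
    }
    if (!empty($options["status"])) {
        $stmt .= " AND iss_sta_id=" . Misc::escapeInteger($options["status"]);
    }
    if (!empty($options["category"])) {
        $stmt .= " AND iss_prc_id=" . Misc::escapeInteger($options["category"]);
    }
    if (!empty($options["hide_closed"])) {
        $stmt .= " AND sta_is_closed=0";
    }
    if (!empty($options["hide_answered"])) {
        $stmt .= " AND iss_control_status='Unanswered'";
    }
    if (!empty($options['release'])) {
        $stmt .= " AND iss_pre_id = " . Misc::escapeInteger($options['release']);
    }

    // now for the date fields
    // The column suffix comes from this fixed list, never from the request.
    $date_fields = array('created_date', 'updated_date', 'last_response_date', 'first_response_date', 'closed_date');
    foreach ($date_fields as $field_name) {
        if (!empty($options[$field_name])) {
            switch ($options[$field_name]['filter_type']) {
                case 'greater':
                    $stmt .= " AND iss_{$field_name} >= '" . Misc::escapeString($options[$field_name]['start']) . "'";
                    break;
                case 'less':
                    $stmt .= " AND iss_{$field_name} <= '" . Misc::escapeString($options[$field_name]['start']) . "'";
                    break;
                case 'between':
                    $stmt .= " AND iss_{$field_name} BETWEEN '" . Misc::escapeString($options[$field_name]['start']) . "' AND '" . Misc::escapeString($options[$field_name]['end']) . "'";
                    break;
                case 'null':
                    $stmt .= " AND iss_{$field_name} IS NULL";
                    break;
                case 'in_past':
                    // time_period is a number of hours; an empty value counts as 0.
                    if (strlen($options[$field_name]['time_period']) == 0) {
                        $options[$field_name]['time_period'] = 0;
                    }
                    $stmt .= " AND (UNIX_TIMESTAMP('" . Date_API::getCurrentDateGMT() . "') - UNIX_TIMESTAMP(iss_{$field_name})) <= (" . Misc::escapeInteger($options[$field_name]['time_period']) . "*3600)";
                    break;
                case 'not_in_past':
                    if (strlen($options[$field_name]['time_period']) == 0) {
                        $options[$field_name]['time_period'] = 0;
                    }
                    $stmt .= " AND \n\t\t\t\t\t\t(\n\t\t\t\t\t\t\tiss_{$field_name} is NULL || \n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP('" . Date_API::getCurrentDateGMT() . "') - UNIX_TIMESTAMP(iss_{$field_name})) > (" . Misc::escapeInteger($options[$field_name]['time_period']) . "*3600)\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\t)";
                    break;
            }
        }
    }

    // custom fields
    if (is_array($options['custom_field']) && count($options['custom_field']) > 0) {
        foreach ($options['custom_field'] as $fld_id => $search_value) {
            if (empty($search_value)) {
                continue;
            }
            // The field id is an array key of the search parameters and ends up inside table
            // aliases and comparisons below, so it is forced to an integer first. It was
            // appended to the clause as received before.
            $fld_id = (int) $fld_id;
            $field = Custom_Field::getDetails($fld_id);
            if ($field['fld_type'] == 'multiple') {
                // One aliased join condition per selected option.
                $search_value = Misc::escapeInteger($search_value);
                foreach ($search_value as $cfo_id) {
                    $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . ".icf_iss_id = iss_id";
                    $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . ".icf_fld_id = {$fld_id}";
                    $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . ".icf_value = {$cfo_id}";
                }
            } elseif ($field['fld_type'] == 'date') {
                // Incomplete dates are ignored.
                if (empty($search_value['Year']) || empty($search_value['Month']) || empty($search_value['Day'])) {
                    continue;
                }
                $search_value = $search_value['Year'] . "-" . $search_value['Month'] . "-" . $search_value['Day'];
                $stmt .= " AND\n (iss_id = cf" . $fld_id . ".icf_iss_id AND\n cf" . $fld_id . ".icf_value = '" . Misc::escapeString($search_value) . "')";
            } else {
                $stmt .= " AND\n (iss_id = cf" . $fld_id . ".icf_iss_id";
                $stmt .= " AND\n cf" . $fld_id . ".icf_fld_id = {$fld_id}";
                if (in_array($field['fld_type'], array('text', 'textarea'))) {
                    $stmt .= " AND cf" . $fld_id . ".icf_value LIKE '%" . Misc::escapeString($search_value) . "%'";
                } elseif ($field['fld_type'] == 'combo') {
                    $stmt .= " AND cf" . $fld_id . ".icf_value IN(" . join(', ', Misc::escapeInteger($search_value)) . ")";
                }
                $stmt .= ')';
            }
        }
    }

    // clear cached full-text values if we are not searching fulltext anymore
    if (APP_ENABLE_FULLTEXT && @$options['search_type'] != 'all_text') {
        Session::set('fulltext_string', '');
        Session::set('fulltext_issues', '');
    }

    return $stmt;
}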
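/**
 * @package CandyCMS
 * @version 0.1
 * @copyright Copyright 2012 (C) Cocoon Design Ltd. - All Rights Reserved
 *
 * Login page for CandyCMS admin
 *
 * A visitor whose session is already marked as logged in is sent to the dashboard. A posted
 * username/password pair is checked with Login::signin(); on success the session is marked
 * as logged in, the username and role are stored, and the visitor is redirected. In every
 * other case the login form below is rendered.
 */
session_start();
if (isset($_SESSION['loggedin'])) {
    header('Location: dashboard.php');
    // Stop here: without this the script went on to process the request and render the page
    // even though a redirect had been sent.
    exit;
}
require 'bootstrap.php';
if (isset($_POST['username'])) {
    $login = Login::signin($_POST['username'], $_POST['password']);
    if ($login != false) {
        $role = User::getRole($_POST['username']);
        // Issue a new session id before the session becomes an authenticated one, so an id
        // that was known before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['loggedin'] = 'true';
        // Stored as posted; encode it wherever it is displayed.
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['role'] = $role;
        header('Location: dashboard.php');
        exit;
    }
}
?> <!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>CMS Login</title>
<link rel="stylesheet" href="css/login.css" type="text/css" />
<!--[if lt IE 9]>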
/**
 * Collects the variables every template needs and assigns them.
 *
 * Application-wide values are always placed in the 'core' array. For a signed-in user the
 * array is extended with the user's details, the current project and role, CRM data where
 * the project has customer integration, the user's projects and preferences; a few of these
 * are also assigned as top-level template variables.
 *
 * Arrays are merged with `+`, so a key that already exists in 'core' keeps its first value
 * (for example 'roles').
 *
 * NOTE(review): 'current_url' is taken from $_SERVER['PHP_SELF'], which reflects the request
 * path; templates should escape it on output.
 *
 * @return $this
 */
private function processTemplate()
{
    $core = array(
        'rel_url' => APP_RELATIVE_URL,
        'base_url' => APP_BASE_URL,
        'app_title' => APP_NAME,
        'app_version' => APP_VERSION,
        'app_setup' => Setup::load(),
        'messages' => Misc::getMessages(),
        'roles' => User::getAssocRoleIDs(),
        'auth_backend' => APP_AUTH_BACKEND,
        'current_url' => $_SERVER['PHP_SELF'],
    );

    // If VCS version is present "Eventum 2.3.3-148-g78b3368", link ref to github
    $vcsVersion = self::getVcsVersion();
    if ($vcsVersion) {
        $core['application_version_link'] = "https://github.com/eventum/eventum/commit/{$vcsVersion}";
        // append VCS version if not yet there
        if (!preg_match('/-g[0-9a-f]+$/', APP_VERSION)) {
            $core['app_version'] = "v{$core['app_version']}-g{$vcsVersion}";
        }
    }

    $usr_id = Auth::getUserID();
    if (!$usr_id) {
        // Anonymous request: only the application-wide values are available.
        $this->assign('core', $core);
        return $this;
    }

    $core['user'] = User::getDetails($usr_id);
    $prj_id = Auth::getCurrentProject();
    $setup = Setup::load();

    if (!empty($prj_id)) {
        $role_id = User::getRoleByUser($usr_id, $prj_id);
        $has_crm = CRM::hasCustomerIntegration($prj_id);
        $core += array(
            'project_id' => $prj_id,
            'project_name' => Auth::getCurrentProjectName(),
            'has_crm' => $has_crm,
            'current_role' => $role_id,
            'current_role_name' => User::getRole($role_id),
            'feature_access' => Access::getFeatureAccessArray($usr_id),
        );
        if ($has_crm) {
            $crm = CRM::getInstance($prj_id);
            $core['crm_template_path'] = $crm->getTemplatePath();
            if ($role_id == User::getRoleID('Customer')) {
                // CRM lookups are best effort: on failure the customer keys are simply absent.
                try {
                    $contact = $crm->getContact($core['user']['usr_customer_contact_id']);
                    $core['allowed_customers'] = $contact->getCustomers();
                    $core['current_customer'] = $crm->getCustomer(Auth::getCurrentCustomerID(false));
                } catch (CRMException $e) {
                }
            }
        }
    }

    $details = User::getDetails($usr_id);

    // Project id => title, with archived projects marked in the title.
    $active_projects = array();
    foreach (Project::getAssocList(Auth::getUserID(), false, true) as $project_id => $project) {
        $title = $project['prj_title'];
        if ($project['status'] == 'archived') {
            $title .= ' ' . ev_gettext('(archived)');
        }
        $active_projects[$project_id] = $title;
    }

    $core += array(
        'active_projects' => $active_projects,
        'current_full_name' => $details['usr_full_name'],
        'current_email' => $details['usr_email'],
        'current_user_id' => $usr_id,
        'current_user_datetime' => Date_Helper::getISO8601date('now', '', true),
        'is_current_user_clocked_in' => User::isCLockedIn($usr_id),
        'is_anon_user' => Auth::isAnonUser(),
        'is_current_user_partner' => !empty($details['usr_par_code']),
        'roles' => User::getAssocRoleIDs(),
        'current_user_prefs' => Prefs::get(Auth::getUserID()),
    );

    // Values that templates also read as top-level variables.
    $this->assign('current_full_name', $core['user']['usr_full_name']);
    $this->assign('current_email', $core['user']['usr_email']);
    $this->assign('current_user_id', $usr_id);
    $this->assign('handle_clock_in', $setup['handle_clock_in'] == 'enabled');
    $this->assign('is_current_user_clocked_in', User::isClockedIn($usr_id));
    $this->assign('roles', User::getAssocRoleIDs());

    $this->assign('core', $core);

    return $this;
}
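// Login / logout controller.
// - action=log_out: clears the authorization data and the session, then redirects to the login URL.
// - otherwise, for a visitor who is not logged in: a POST is treated as a login attempt and the
//   login view is rendered; a visitor who is already logged in is redirected to index.php.
$action = fRequest::get('action');

// --------------------------------- //
if ('log_out' == $action) {
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));
// --------------------------------- //
} else {
    if (!fAuthorization::checkLoggedIn()) {
        if (fRequest::isPost()) {
            try {
                // An unknown user name must produce the same message as a wrong password.
                // The message of any expected exception is shown to the visitor below, so the
                // record-not-found message presumably revealed which user names exist.
                try {
                    $user = new User(array('username' => fRequest::get('username')));
                } catch (fNotFoundException $e) {
                    throw new fValidationException('The login or password entered is invalid');
                }
                $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
                if (!$valid_pass) {
                    throw new fValidationException('The login or password entered is invalid');
                }
                // Authenticated: record who the user is and what they may do.
                fAuthorization::setUserToken($user->getEmail());
                fAuthorization::setUserAuthLevel($user->getRole());
                fSession::set('user_id', $user->getUserId());
                fSession::set('user_name', $user->getUsername());
                // Back to the page that was requested before login, or index.php.
                fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
            } catch (fExpectedException $e) {
                fMessaging::create('error', fURL::get(), $e->getMessage());
            }
        }
        include VIEW_PATH . '/log_in.php';
    } else {
        fURL::redirect('index.php');
    }
}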
/**
 * Returns the custom fields defined in the system, ordered by rank.
 *
 * Each row is extended with 'projects' (comma-separated associated projects),
 * 'field_options' (only for rows with a backend: the option list for combo/multiple rows,
 * then replaced by 'Backend: <name>') and 'min_role_name'.
 *
 * @access public
 * @return array|string The list of custom fields, or an empty string when the query fails
 *                      (the error is logged)
 */
function getList()
{
    $stmt = "SELECT\n *\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "custom_field\n ORDER BY\n fld_rank ASC";
    $res = $GLOBALS["db_api"]->dbh->getAll($stmt, DB_FETCHMODE_ASSOC);
    if (PEAR::isError($res)) {
        Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
        return "";
    }

    $total = count($res);
    for ($i = 0; $i < $total; $i++) {
        $row = &$res[$i];

        // Warnings are suppressed because the lookups may not return an array.
        $row["projects"] = @implode(", ", array_values(Custom_Field::getAssociatedProjects($row["fld_id"])));

        $is_choice = $row["fld_type"] == "combo" || $row["fld_type"] == "multiple";
        if ($is_choice && !empty($row['fld_backend'])) {
            $row["field_options"] = @implode(", ", array_values(Custom_Field::getOptions($row["fld_id"])));
        }
        if (!empty($row['fld_backend'])) {
            $row['field_options'] = 'Backend: ' . Custom_Field::getBackendName($row['fld_backend']);
        }

        $row['min_role_name'] = @User::getRole($row['fld_min_role']);
    }
    // Drop the reference so the last row is not left aliased.
    unset($row);

    return $res;
}
} // if we are dealing with just one message, use the subject line as the // summary for the issue, and the body as the description if (count($HTTP_GET_VARS["item"]) == 1) { $email_details = Support::getEmailDetails(Email_Account::getAccountByEmail($HTTP_GET_VARS["item"][0]), $HTTP_GET_VARS["item"][0]); $tpl->assign(array('issue_summary' => $email_details['sup_subject'], 'issue_description' => $email_details['message'])); // also auto pre-fill the customer contact text fields if (Customer::hasCustomerIntegration($prj_id)) { $sender_email = Mail_API::getEmailAddress($email_details['sup_from']); list(, $contact_id) = Customer::getCustomerIDByEmails($prj_id, array($sender_email)); if (!empty($contact_id)) { $tpl->assign("contact_details", Customer::getContactDetails($prj_id, $contact_id)); } } } } } $tpl->assign(array("cats" => Category::getAssocList($prj_id), "priorities" => Priority::getAssocList($prj_id), "users" => Project::getUserAssocList($prj_id, 'active', User::getRoleID('Customer')), "releases" => Release::getAssocList($prj_id), "custom_fields" => Custom_Field::getListByProject($prj_id, 'report_form'), "max_attachment_size" => Attachment::getMaxAttachmentSize(), "field_display_settings" => Project::getFieldDisplaySettings($prj_id), "groups" => Group::getAssocList($prj_id))); $setup = Setup::load(); $tpl->assign("allow_unassigned_issues", @$setup["allow_unassigned_issues"]); $prefs = Prefs::get($usr_id); $tpl->assign("user_prefs", $prefs); $tpl->assign("zones", Date_API::getTimezoneList()); if (User::getRole(Auth::getCurrentRole()) == "Customer") { $customer_contact_id = User::getCustomerContactID($usr_id); $tpl->assign("contact_details", Customer::getContactDetails($prj_id, $customer_contact_id)); $customer_id = User::getCustomerID($usr_id); $tpl->assign("contacts", Customer::getContactEmailAssocList($prj_id, $customer_id)); $tpl->assign(array("customer_id" => User::getCustomerID($usr_id), "contact_id" => User::getCustomerContactID($usr_id))); } 
$tpl->displayTemplate();
<?php
// Profile edit page: loads one user with the linked role and class records and prepares the
// values shown in the form.
// NOTE(review): the user id is the fixed value '3' here, not taken from the session or request.
$user_id = '3';
$u = new User();
$u->load($user_id);
// The role object carries the personal data (first name, last name, description, class id).
$rolle = $u->getRole();
//html::showAll($rolle);
$vname = $rolle->getVorname();
$nname = $rolle->getNachname();
$geburtstag_db = $u->getGeburtstag();
$nick = $u->getLogin();
$email = $u->getEmail();
$beschreibung = $rolle->getBeschreibung();
$klasse_id = $rolle->getKlasse_Id();
// Resolve the class id to the class name.
$k = new Klasse();
$k->load($klasse_id);
$klasse = $k->getName();
// Convert the database date notation into the European notation
$geburtstag = html::buildDateFromMysql($geburtstag_db);
// Compute the age
$alter = html::buildDateToAge($geburtstag);
// NOTE(review): the form below sends user_id back as a hidden field; the handler that saves
// the form is not visible here and should decide whose profile is edited from the session,
// not from that field. The form action also reads "index.phpaction=..." with no "?" -
// possibly an artefact of how this listing was extracted.
?> <html> <head> <title>Profil ändern</title> </head> <body> <form method="post" action="index.phpaction=save&what=edituser"> <input type="hidden" name="user_id" value="<?php echo $user_id;
/**
 * A role stored with setRole() must come back unchanged from getRole().
 */
public function testGetSetRole()
{
    $expectedRole = 'user';

    $subject = new User();
    $subject->setRole($expectedRole);

    $this->assertEquals($expectedRole, $subject->getRole());
}
/**
 * Returns the projects a user is a member of, keyed by project ID.
 *
 * Results are kept in a function-static cache per user ID and per
 * $include_role flag; an empty result is not served from the cache
 * because the lookup uses !empty().
 *
 * @access  public
 * @param   integer $usr_id The user ID
 * @param   boolean $force_refresh If the cache should not be used.
 * @param   boolean $include_role if the user role should be included.
 * @return  array The list of projects (an empty string when the query fails)
 */
function getAssocList($usr_id, $force_refresh = false, $include_role = false)
{
    static $cache;

    if ($force_refresh != true && !empty($cache[$usr_id][$include_role])) {
        return $cache[$usr_id][$include_role];
    }

    $sql = "SELECT\n prj_id,\n prj_title";
    if ($include_role) {
        $sql .= ",\npru_role";
    }
    // The user ID is the only caller-supplied value in the statement and it is
    // concatenated in, so the query is only as safe as Misc::escapeInteger().
    // NOTE(review): that helper is not visible here - confirm it reduces its
    // argument to an integer, or bind the value as a statement parameter.
    $sql .= "\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "project,\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "project_user\n WHERE\n prj_id=pru_prj_id AND\n pru_usr_id=" . Misc::escapeInteger($usr_id) . "\n ORDER BY\n prj_title";

    $dbh = $GLOBALS["db_api"]->dbh;
    $rows = $include_role
        ? $dbh->getAssoc($sql, true, array(), DB_FETCHMODE_ASSOC)
        : $dbh->getAssoc($sql);

    if (PEAR::isError($rows)) {
        // the failure is logged and reported to the caller as an empty string
        Error_Handler::logError(array($rows->getMessage(), $rows->getDebugInfo()), __FILE__, __LINE__);
        return "";
    }

    if ($include_role) {
        // add the result of User::getRole() for the stored pru_role value
        foreach (array_keys($rows) as $project_id) {
            $rows[$project_id]['role'] = User::getRole($rows[$project_id]['pru_role']);
        }
    }

    $cache[$usr_id][$include_role] = $rows;
    return $rows;
}
/**
 * Assigns the variables shared by every page to the template: browser
 * flavour, the signed-in user's project and role data, application
 * constants, browser detection results and the colour settings.
 *
 * @access  private
 */
function processTemplate()
{
    global $HTTP_SERVER_VARS;

    // pick the CSS flavour from the User-Agent header
    $is_msie = ereg('MSIE ([0-9].[0-9]{1,2})', @$HTTP_SERVER_VARS["HTTP_USER_AGENT"], $log_version);
    $this->assign("user_agent", $is_msie ? 'ie' : 'other');

    // user, project and role data are only assigned for a signed-in user
    $current_user = Auth::getUserID();
    if ($current_user != '') {
        $project = Auth::getCurrentProject();
        if (!empty($project)) {
            $role = User::getRoleByUser($current_user, $project);
            $this->assign("current_project", $project);
            $this->assign("current_project_name", Auth::getCurrentProjectName());

            $integrated = Customer::hasCustomerIntegration($project);
            $this->assign("has_customer_integration", $integrated);
            if ($integrated) {
                $this->assign("customer_backend_name", Customer::getBackendImplementationName($project));
            }

            // NOTE(review): show_admin_link only drives what the template
            // renders; the admin pages need their own role check.
            $may_administer = $role == User::getRoleID('administrator')
                || $role == User::getRoleID('manager');
            if ($may_administer) {
                $this->assign("show_admin_link", true);
            }

            if ($role > 0) {
                $this->assign("current_role", (int) $role);
                $this->assign("current_role_name", User::getRole($role));
            }
        }

        $identity = User::getNameEmail($current_user);
        $this->assign("active_projects", Project::getAssocList($current_user));
        $this->assign("current_full_name", $identity["usr_full_name"]);
        $this->assign("current_email", $identity["usr_email"]);
        $this->assign("current_user_id", $current_user);
        $this->assign("is_current_user_clocked_in", User::isClockedIn($current_user));
        $this->assign("roles", User::getAssocRoleIDs());
    }

    // application-wide settings and constants
    // NOTE(review): SID hands the session identifier to the templates; confirm
    // it is not written into links that can leak it (for example via Referer).
    $globals = array(
        "app_setup"           => Setup::load(),
        "app_setup_path"      => APP_SETUP_PATH,
        "app_setup_file"      => APP_SETUP_FILE,
        "application_version" => APP_VERSION,
        "application_title"   => APP_NAME,
        "app_base_url"        => APP_BASE_URL,
        "rel_url"             => APP_RELATIVE_URL,
        "lang"                => APP_CURRENT_LANG,
        "SID"                 => SID
    );
    foreach ($globals as $name => $value) {
        $this->assign($name, $value);
    }

    // now for the browser detection stuff
    Net_UserAgent_Detect::detect();
    $this->assign("browser", Net_UserAgent_Detect::_getStaticProperty('browser'));
    $this->assign("os", Net_UserAgent_Detect::_getStaticProperty('os'));

    // this is only used by the textarea resize script
    // NOTE(review): PHP_SELF comes from the request path and only '.php' and
    // '/' are rewritten here; confirm the template escapes js_script_name for
    // the context it is emitted in.
    $script_path = str_replace('.php', '', $HTTP_SERVER_VARS['PHP_SELF']);
    $js_script_name = str_replace('/', '_', $script_path);
    $this->assign("js_script_name", $js_script_name);

    $this->assign("total_queries", $GLOBALS['TOTAL_QUERIES']);
    $this->assign(array(
        "cell_color"     => APP_CELL_COLOR,
        "light_color"    => APP_LIGHT_COLOR,
        "middle_color"   => APP_MIDDLE_COLOR,
        "dark_color"     => APP_DARK_COLOR,
        "cycle"          => APP_CYCLE_COLORS,
        "internal_color" => APP_INTERNAL_COLOR
    ));
}
/**
 * Returns the role from the parent implementation after calling __load()
 * on this object.
 */
public function getRole()
{
    // __load() must run first so the parent getter sees the loaded state
    $this->__load();
    $role = parent::getRole();

    return $role;
}
/**
 * Returns the projects available to a user, keyed by project ID.
 *
 * A project is listed when the user is a member of it and either its status
 * is not 'archived' or the user's role in it is at least the Manager role ID.
 * Results are kept in a function-static cache per user ID and per
 * $include_extra flag; an empty result is not served from the cache because
 * the lookup uses !empty().
 *
 * @param integer $usr_id The user ID
 * @param boolean $force_refresh If the cache should not be used.
 * @param boolean $include_extra If extra data should be included.
 * @return array The list of projects (an empty string when a DbException is thrown)
 */
public static function getAssocList($usr_id, $force_refresh = false, $include_extra = false)
{
    static $cache;

    $may_use_cache = $force_refresh != true;
    if ($may_use_cache && !empty($cache[$usr_id][$include_extra])) {
        return $cache[$usr_id][$include_extra];
    }

    $extra_columns = $include_extra ? ', pru_role, prj_status as status' : '';
    $sql = 'SELECT prj_id, prj_title' . $extra_columns . ' FROM {{%project}}, {{%project_user}} WHERE prj_id=pru_prj_id AND pru_usr_id=? AND ( prj_status <> ? OR pru_role >= ? ) ORDER BY prj_title';

    try {
        // every value reaches the statement through a ? placeholder, none is
        // concatenated into the SQL text
        $bindings = array($usr_id, 'archived', User::getRoleID('Manager'));
        $db = DB_Helper::getInstance();
        $rows = $include_extra
            ? $db->fetchAssoc($sql, $bindings, DB_FETCHMODE_ASSOC)
            : $db->getPair($sql, $bindings);
    } catch (DbException $e) {
        // the exception is dropped here without being logged; callers only
        // see the empty string
        return '';
    }

    if ($include_extra) {
        // add the result of User::getRole() for the stored pru_role value
        foreach (array_keys($rows) as $project_id) {
            $rows[$project_id]['role'] = User::getRole($rows[$project_id]['pru_role']);
        }
    }

    $cache[$usr_id][$include_extra] = $rows;

    return $rows;
}
/**
 * Looks up the meta data values of one category for a user, passing the
 * user's organisation ID, group, role and ID to MetaDataValues::get().
 *
 * @param User $eUser The user whose attributes select the values
 * @param MetaDataType $category The meta data category to read
 * @return mixed Whatever MetaDataValues::get() returns
 */
function getUserCategoryValues(User $eUser, MetaDataType $category)
{
    // results are ordered by meta_value_id, descending
    $options = array("order by" => array(array("meta_value_id", "desc")));

    // NOTE(review): the meaning of the literal true argument is defined by
    // MetaDataValues::get(), which is not visible here.
    return MetaDataValues::get(
        $eUser->getOrganisationId(),
        $eUser->getGroup(),
        $eUser->getRole(),
        $eUser->getID(),
        $category,
        true,
        $options
    );
}
/**
 * Signs the given user out: clears the identity fields on the object, empties
 * and destroys the session and removes the 'user' cookie.
 *
 * Nothing happens unless the user's role compares equal to ROLE_USER.
 * NOTE(review): confirm no other role can hold a session, otherwise those
 * users are never signed out by this method.
 *
 * @see IUserAuthentication::logoutUser()
 */
public function logoutUser(User $currentUser)
{
    if ($currentUser->getRole() != ROLE_USER) {
        return;
    }

    // forget who the in-memory object represents
    foreach (array('id', 'username', 'email') as $field) {
        $currentUser->$field = null;
    }

    // drop the session data, then the session itself
    // NOTE(review): session_destroy() does not expire the session cookie in
    // the browser; only the 'user' cookie is removed below.
    $_SESSION = array();
    session_destroy();

    CookieHelper::destroyCookie('user');
}